skirtcafe.org

Skirt Cafe is an on-line community dedicated to exploring, promoting and advocating skirts and kilts as a fashion choice for men, formerly known as men in skirts. We do this in the context of men's fashion freedom --- an expansion of choices beyond those commonly available for men to include kilts, skirts and other garments. We recognize a diversity of styles our members feel comfortable wearing, and do not exclude any potential choices. Continuing dialog on gender is encouraged in the context of fashion freedom for men. See here for more details.

One might as well call a spade a spade, because that's what forum moderators and administrators are in when it comes to those who would pollute various spaces with endless commercial (and worse) advertising and junk. The advertisers have won in the realm of broadcast media -- including broadcast media that folks pay to subscribe to -- and they won in USENET and destroyed that global community. The next target, it seems, is on-line spots like this little "cyber hamlet".

The astute have, no doubt, noticed the marked uptick in "new users" with strange "noms de plume", and the very astute will have noticed that those self-same new users have also summarily disappeared from the community. With a nod to Buckaroo Banzai and the Adventures Across the Eighth Dimension, "Spammers! Pure and simple!"

It looks like not only has the "captcha" we use to keep this vermin down been compromised, but also the "secret sauce" that I put in to try to keep it down to a dull roar. It worked for a while, but that gain has been lost (That's the problem with Arms Races).

In short, the admin and mod staff have been busily at work trying to keep the miscreants out. I'd like very much to honour my partners in this -- Milfmog and Uncle Al -- for their assistance; without a presence "where the sun never sets" we'd be doomed.

Advertizing is a real pain in somewhere. However I think it is now being seen as counterproductive. In both France and Spain, the main state tv channels are now free of ads for most of the day. I hope the trend will continue.

couyalair wrote:Advertizing is a real pain in somewhere. However I think it is now being seen as counterproductive [...]

Much of that depends on whether the adverts are relevant to what one is interested in. For instance, I would not be averse at all to having kilt or men's skirt manufacturers post the occasional announcement of new products or promotions here on SkirtCafe because that's decidedly on-topic for the community. However, everything the moderation team (The "Mod Squad"?) has seen has been completely and utterly off-topic for the community so it gets stepped on.

The problem with most advertisers is that they "carpet-bomb" places which are not interested in the wares they're pushing. This is especially pernicious where the advertiser pays nothing for the activity, as is the case with spam; in this case, the cost is shifted to the receiver who is expending his resources to receive something that he's not even remotely interested in.

I'm really beginning to dread the upcoming election in the USA. With an almost infinite amount of money available for advertising campaigns -- thanks to the Supreme Court ruling that a corporation is equivalent to an individual citizen -- the carpet-bombing is going to be especially severe starting in about three or four months' time. I can hardly wait...

In both France and Spain, the main state tv channels are now free of ads for most of the day. I hope the trend will continue.

crfriend wrote:In short, the admin and mod staff have been busily at work trying to keep the miscreants out. I'd like very much to honour my partners in this -- Milfmog and Uncle Al -- for their assistance; without a presence "where the sun never sets" we'd be doomed.

And the three of you have been doing an outstanding job. And you have my sincere thanks for it.John

Thatnks for that, Stuart. The basic article was interesting enough; I want to read the actual paper, however, and that may take a while.

I'm probably not going to make any changes to the software that generates the captcha that SkirtCafe uses as I'd rather let that just follow the course that the phpBB developers go go down. From my experience, getting out of sync with what the main developer team is doing quickly gets to the point where one is expending almost as much effort to keep one's own changes in as the developers are doing to drive the whole thing forward.

The other problem with captchas, and why I don't particularly like them, is that there are some folks who cannot, for one reason or other, solve them. We had a very nice chap try to register a week or so ago, couldn't make it work, and we went through quite a lot of effort to resolve it before he just gave up. I found that very sad, because from the e-mail that went back and forth he seemed that he'd make a wonderful member of the community.

However, all is not for naught. One of the most basic fundamentals of secuirty is to have layers -- "security in depth"" -- such that if one layer gets cracked other layers will pick up the slack, and that's what we've got here. The net result is that the mods and admins are getting a bit higher of a workload until other workarounds can be immplemented. I'll admit that some of those tactics are a wee bit ham-fisted (like black-holing all of China, for instance), but some of them are more precise like determing the pattern of e-mail addresses that the 'bots are using and putting countermeasures on those. (Most of the latest batch of robo-registrations use G-mail addresses, indicating that Google have clearly let down their guard when it comes to mail accounts and, despite their mantra of "do no evil" are, in fact, abetting the spammers by tolerating their (ab)use of G-mail's resources.)

I hope you don't cut off everyone who uses GMail. Since that would shut me off. I prefer GMail for my personal accounts due to its simple interface. You log in and there is your mail. I also have some Yahoo accounts (default provider for AT&T, my DSL provider) and I hate all the cr@p you have to wade through to get to your mailbox. Not to mention all the flash ads, some of which are for obviously bogus services.

Stuart Gallion No reason to hide my full name Back in my skirts in San Francisco

skirted_in_SF wrote:I hope you don't cut off everyone who uses GMail. Since that would shut me off.

I'm not quite that dumb.

What I did do, and since it's unlikely that bot-writers are reading this, is to temporarily disallow the use of the "+" delimiter for new-registration e-mail addresses at gmail.com and also to disallow the use of more than four "." characters in the user portion of gmail.com addresses. Both of those patterns have shown up prominently in bot registrations recently. Once this particular threat passes (or becomes passe) I'll pull the rules out.

skirted_in_SF wrote:I hope you don't cut off everyone who uses GMail. Since that would shut me off.

I'm not quite that dumb.

What I did do, and since it's unlikely that bot-writers are reading this, is to temporarily disallow the use of the "+" delimiter for new-registration e-mail addresses at gmail.com and also to disallow the use of more than four "." characters in the user portion of gmail.com addresses. Both of those patterns have shown up prominently in bot registrations recently. Once this particular threat passes (or becomes passe) I'll pull the rules out.

Whew, I guess I'm in the clear then. Just a plain e-mail address for me.I wondered who used those address tricks. Apparently the Gmail system ignores anything to the left of the + and I have seen it suggested using that trick when you have to supply an e-mail address to a site to tell if they have sold/traded it on to others.

Stuart Gallion No reason to hide my full name Back in my skirts in San Francisco

skirted_in_SF wrote:I wondered who used those address tricks. Apparently the Gmail system ignores anything to the left of the + and I have seen it suggested using that trick when you have to supply an e-mail address to a site to tell if they have sold/traded it on to others.

The "+" delimiter is a notion that many MTAs (Mail Transfer Agents) and MUAs (Mail User Agents) use to allow individual users to have more than one "inbox" and allow simple routing to those boxes. In short, the MTA honours all the stuff to the left of the "+" as the recipient's name, and the MUA then fiddles with the stuff to the right of it as the "virtual in-box" identifier. Gmail may, or may not, honour the implementation of this, but it does allow one to trace who "leaked" an e-mail address.

It's worth reiterating that the current ban on so-formeg gmail.com addresses only applies to new registrants and was configured with an automatic 7-day expiry so that my forgetting about it would not cause overt problems in the future.

I offer many thanks to those who have voiced support for the "Mod Squad" here at SkirtCafe. The past couple of months have been a right hassle for the folks who toil behind the scenes, and I invite Uncle Al and Milfmog to take well-deserved bows for yeomans' service to the cause.

Since the onslaught of 'bot registrations seems to show no signs of slackening, I've opted to change the tactics involved to put the human back "in the loop". This means that new registrations get to pass through carbon-based decision-makers. It also means that the workload on the mod team will (hopefully) lessen in the grand scheme of things as we can simply ignore obviously fraudulent registrations rather than manually deactivating or banning them.

The community at large should notice little, if any, change; this is a behind-the-scenes tactical shift only. As always, if anybody has any technical problems with SkirtCafe, a proper human can be reached at the slightly-obfuscated e-mail address beneath the masthead.